Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
f261a11
fix(ci): use noreply bot identity in changelog workflow commits
Copilot Jun 30, 2026
71a6d4f
Merge origin/main and resolve changelog workflow conflict
Copilot Jul 5, 2026
156d118
style: auto-fix pre-commit issues [skip ci]
github-actions[bot] Jul 5, 2026
686ab03
fix(ci): correct LLM router complexity bands; add secrets rotation ru…
labgadget015-dotcom Jul 9, 2026
401c2d6
docs: correct package-duplication analysis; record decision to keep d…
labgadget015-dotcom Jul 9, 2026
6c16891
chore: remove 4 dead top-level agents (triage/code_review/dependency/…
labgadget015-dotcom Jul 9, 2026
5f6afdb
feat(ci): schedule autopilot daily-summary generation
labgadget015-dotcom Jul 9, 2026
aa28df5
chore(autopilot): drop 3 paused repos from daily-summary scan
labgadget015-dotcom Jul 9, 2026
3eafc3e
feat(observability): Prometheus metrics exporter + coverage regressio…
Rafa-Ross Jul 10, 2026
79a8f1b
feat(docker): add metrics-exporter sidecar to monitoring profile
Rafa-Ross Jul 10, 2026
7ac4a15
style: auto-fix pre-commit issues [skip ci]
github-actions[bot] Jul 10, 2026
8c0be46
chore: green test suite, drop install-spam + Ai docs, add CodeQL work…
labgadget015-dotcom Jul 10, 2026
2cc59c4
test: raise branch coverage past 70% (health_monitor, llm_client, cli)
labgadget015-dotcom Jul 10, 2026
4ffe36b
ci: align workflow coverage sets with pytest.ini (fix PR pipeline 58.…
Jul 10, 2026
dcd9772
style: auto-fix pre-commit issues [skip ci]
github-actions[bot] Jul 11, 2026
2bdc13b
Merge remote-tracking branch 'origin/main' into copilot/autonomous-gi…
labgadget015-dotcom Jul 12, 2026
cfafbb3
style: auto-fix pre-commit issues [skip ci]
github-actions[bot] Jul 12, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 7 additions & 23 deletions .env.example
Original file line number Diff line number Diff line change
@@ -1,30 +1,14 @@
# GitHub Configuration
GITHUB_TOKEN=ghp_your_github_personal_access_token_here
GITHUB_API_URL=https://api.github.com
GITHUB_TIMEOUT=30

# LLM Provider (openai, anthropic, or local)
# LLM Provider (openai, anthropic, or local) — nested LLM_* schema
LLM_PROVIDER=openai

# OpenAI Configuration (if using OpenAI)
OPENAI_API_KEY=sk-your_openai_api_key_here
OPENAI_MODEL=gpt-4-turbo-preview

# Anthropic Configuration (if using Anthropic)
ANTHROPIC_API_KEY=sk-ant-your_anthropic_api_key_here
ANTHROPIC_MODEL=claude-3-opus-20240229

# Database (SQLite by default, or PostgreSQL connection string)
DATABASE_URL=sqlite:///./autonomous_agent.db
LLM_API_KEY=sk-your-llm-api-key-here
LLM_MODEL=gpt-4-turbo-preview
LLM_TEMPERATURE=0.2
LLM_MAX_TOKENS=4000

# Automation Level (manual, semi-auto, full-auto)
AUTOMATION_LEVEL=semi-auto

# Logging
LOG_LEVEL=INFO
LOG_FILE=logs/agent.log

# Rate Limiting
GITHUB_API_RATE_LIMIT=5000
LLM_API_RATE_LIMIT=100

# Audit Log Retention (days)
AUDIT_RETENTION_DAYS=90
4 changes: 2 additions & 2 deletions .github/scripts/generate_rollback_manifest.py
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
"""

import os
from datetime import datetime, timezone
from datetime import UTC, datetime


def main():
Expand All @@ -17,7 +17,7 @@ def main():
author = os.environ.get("AUTHOR", "unknown")
files_changed = os.environ.get("FILES_CHANGED", "").split()

timestamp = datetime.now(timezone.utc).strftime("%Y-%m-%d %H:%M UTC")
timestamp = datetime.now(UTC).strftime("%Y-%m-%d %H:%M UTC")

path = "docs/ROLLBACK.md"
os.makedirs("docs", exist_ok=True)
Expand Down
6 changes: 3 additions & 3 deletions .github/scripts/llm_router.py
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ class LLMRouter:
Decision Matrix:
- format, lint, doc, triage, changelog, summarize, label, classify,
rename, comment_simple, security LOW → Local (Llama-70B)
- security MEDIUM, review/test_generation <200 lines, complexity 10-20 → Moderate (try local, fall back to cloud)
- security MEDIUM, review/test_generation <200 lines, complexity 5-20 → Moderate (try local, fall back to cloud)
- refactor, architecture, multi_file, review >200 lines → Cloud (GPT-4-Turbo)
- security HIGH/CRITICAL → Cloud (GPT-4)
"""
Expand Down Expand Up @@ -89,9 +89,9 @@ def classify(self, task_type: str, context: dict) -> TaskComplexity:
score = context.get("score", 0)
if score > 20:
return TaskComplexity.COMPLEX
if score > 10:
if score >= 5:
return TaskComplexity.MODERATE
return TaskComplexity.SIMPLE # simple functions → local
return TaskComplexity.SIMPLE # trivial functions → local

if task_type in ["refactor", "architecture", "multi_file"]:
return TaskComplexity.COMPLEX
Expand Down
47 changes: 46 additions & 1 deletion .github/workflows/ai_agent_workflow.yml
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ jobs:

- name: Run tests with coverage
run: |
pytest --cov=core --cov=agents --cov=autopilot --cov=.github/scripts --cov-report=xml --cov-report=term -v
pytest --cov=autonomous_agent --cov=core --cov=agents --cov=overseer --cov=autopilot --cov=monitoring --cov-report=xml --cov-report=term -v

- name: Upload coverage
if: matrix.python-version == '3.11'
Expand All @@ -66,6 +66,14 @@ jobs:
file: ./coverage.xml
fail_ci_if_error: false

- name: Upload coverage XML for regression check
if: matrix.python-version == '3.11'
uses: actions/upload-artifact@v6
with:
name: coverage-xml
path: coverage.xml
retention-days: 7

code-quality:
runs-on: ubuntu-latest
steps:
Expand Down Expand Up @@ -151,3 +159,40 @@ jobs:
curl -s -X POST https://gadgetlab.app.n8n.cloud/webhook/ci-feedback \
-H 'Content-Type: application/json' \
-d "{\"repo\":\"${REPO}\",\"conclusion\":\"${CONCLUSION}\",\"run_url\":\"${RUN_URL}\",\"workflow_name\":\"${WORKFLOW}\",\"run_id\":\"${RUN_ID}\"}" || true

# Alert on coverage regression via the repo's regression_alert module.
# Runs monitoring/regression_alert.py against coverage.xml from the test job
# and posts to Slack (#drc-recommendations) when coverage drops below the floor.
regression-check:
needs: [test]
runs-on: ubuntu-latest
if: github.event_name == 'push' || !github.event.pull_request.draft
steps:
- name: Checkout code
uses: actions/checkout@v5

- name: Download coverage artifact
uses: actions/download-artifact@v7
with:
name: coverage-xml
path: .

- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: '3.11'

- name: Install dependencies
run: pip install -r requirements.txt

- name: Extract coverage % and run regression check
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
run: |
if [ ! -f coverage.xml ]; then
echo "coverage.xml not found — skipping regression check"
exit 0
fi
COV=$(python -c "import xml.etree.ElementTree as ET; r=ET.parse('coverage.xml').getroot(); print(f\"{float(r.get('line-rate',0))*100:.2f}\")")
echo "Current coverage: ${COV}%"
python monitoring/regression_alert.py --coverage "$COV" || echo "::warning::Coverage regression detected — see Slack #drc-recommendations"
2 changes: 1 addition & 1 deletion .github/workflows/changelog.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
- name: Commit if changed
run: |
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git add CHANGELOG.md
if ! git diff --staged --quiet; then
git commit -m "chore: update CHANGELOG [skip ci]"
Expand Down
4 changes: 3 additions & 1 deletion .github/workflows/code-quality-optimized.yml
Original file line number Diff line number Diff line change
Expand Up @@ -154,10 +154,12 @@ jobs:
- name: Run optimized pytest
run: |
pytest \
--cov=autonomous_agent \
--cov=core \
--cov=agents \
--cov=overseer \
--cov=autopilot \
--cov=.github/scripts \
--cov=monitoring \
--cov-report=xml \
--cov-report=term-missing \
--cov-report=html \
Expand Down
46 changes: 46 additions & 0 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
name: CodeQL Security Analysis

# GitHub-hosted CodeQL is free for public repositories (this repo went public 2026-06-27).
# This runs REAL semantic code analysis (not just Bandit's pattern grep) and uploads
# results to the GitHub Security tab. `security_scan.yml` uploads Bandit's SARIF under
# the `bandit` category; this workflow uploads CodeQL's under the `codeql` category so
# both engines appear side-by-side in code scanning.

permissions:
contents: read
security-events: write
actions: read
pull-requests: read

on:
push:
branches: [main, develop]
pull_request:
types: [opened, synchronize, reopened]
branches: [main]
schedule:
- cron: '17 3 * * 1' # Weekly Monday 03:17 UTC — randomized minute to avoid the top-of-hour stampede
workflow_dispatch:

jobs:
analyze:
name: Analyze (Python + JavaScript)
runs-on: ubuntu-latest
timeout-minutes: 360
steps:
- name: Checkout code
uses: actions/checkout@v5

- name: Initialize CodeQL
uses: github/codeql-action/init@v4
with:
languages: python, javascript
# Build-mode 'none' — pure source analysis, no compilation needed for this repo.
# JS analysis covers the .github/scripts automation + landing/ Next.js app.
queries: security-and-quality

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v4
with:
category: codeql
upload: true
60 changes: 60 additions & 0 deletions .github/workflows/daily-summary.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
name: Daily Repository Summary (Autopilot)

# Runs autopilot/autopilot.py to produce DAILY_SUMMARY.md for the configured
# repos (see autopilot/config.yaml). The script is a standalone CLI that was
# previously undocumented/idle; this workflow makes the documented
# "daily summaries" feature actually run on a schedule.
#
# Security: runs with the default GITHUB_TOKEN (contents: write on this repo,
# plus read on the other labgadget015-dotcom repos via the token's account
# scopes). No secrets are echoed. Output is committed back to the repo so the
# summary is visible in the file tree.

on:
schedule:
# Daily at 06:17 UTC (off-round minute to avoid the top-of-hour stampede)
- cron: '17 6 * * *'
workflow_dispatch:

permissions:
contents: write

jobs:
daily-summary:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
# Need a real branch so we can commit the summary back
ref: ${{ github.ref }}

- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.12'

- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
pip install pyyaml python-dotenv PyGithub

- name: Generate daily summary
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
cd autopilot
python autopilot.py --config config.yaml --output ../DAILY_SUMMARY.md

- name: Commit summary
run: |
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
if [ -n "$(git status --porcelain DAILY_SUMMARY.md)" ]; then
git add DAILY_SUMMARY.md
git commit -m "docs: daily summary $(date -u +'%Y-%m-%d') [skip ci]"
git push
else
echo "No summary changes — nothing to commit"
fi
Loading